Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/GxlYLvnHEvgaGvR6DCBphpFnzRM.roa
File: GxlYLvnHEvgaGvR6DCBphpFnzRM.roa (raw, json)
Hash identifier: K/LD9Ct40dF4j2T9vZD0lETgIw6UbUAAK5hOvUJW/fY=
Subject key identifier: 1B:19:58:2E:F9:C7:12:F8:1A:1A:F4:7A:0C:20:69:86:91:67:CD:13
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41DE80484A149566DF751F6B556054
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/GxlYLvnHEvgaGvR6DCBphpFnzRM.roa
Signing time: Sun 01 Jan 2023 16:54:48 +0000
ROA not before: Sun 01 Jan 2023 16:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50336
IP address blocks: 188.211.224.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:de:80:48:4a:14:95:66:df:75:1f:6b:55:60:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b19582ef9c712f81a1af47a0c2069869167cd13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bf:88:d2:e1:3d:c8:84:5b:03:c7:15:c1:7c:
c3:47:40:99:dd:99:a9:d0:43:85:e8:f8:b0:39:c0:
e2:8b:8c:f5:40:ff:ce:91:1e:5a:f8:8c:8e:1a:9c:
d4:58:1f:9f:fb:d7:71:af:bd:fc:3c:5d:0e:35:cd:
d0:2f:9a:15:ed:f0:aa:90:68:89:90:db:3c:0e:ec:
6b:a8:85:dd:b9:c4:09:85:1e:08:15:05:c1:4e:e1:
cc:20:09:2c:72:9d:92:e0:2a:40:3e:3a:cd:f8:18:
0d:3a:d7:96:48:84:62:47:23:a5:46:57:ba:ad:27:
62:10:71:ec:49:fd:6d:46:2a:49:7a:9b:7f:1c:9a:
64:e9:b4:72:eb:bd:54:ab:78:52:25:8e:12:5f:94:
ba:26:e4:3f:92:76:e4:1c:b9:2f:37:84:21:36:2b:
22:f5:6f:e7:4f:60:d9:15:75:74:a7:6e:52:dc:56:
63:0a:6f:54:21:3c:8e:49:a3:fe:53:13:3b:c5:f8:
58:45:30:af:5a:7a:19:6b:77:19:35:ec:55:96:2c:
33:11:f1:b3:ed:89:a1:16:38:89:d8:25:de:9b:9b:
32:fe:40:75:1d:40:77:1a:97:02:6f:26:66:cc:d5:
60:f9:21:7f:1e:07:4c:9d:83:f2:38:2f:f8:b3:d4:
9e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:19:58:2E:F9:C7:12:F8:1A:1A:F4:7A:0C:20:69:86:91:67:CD:13
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/GxlYLvnHEvgaGvR6DCBphpFnzRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.211.224.0/22
Signature Algorithm: sha256WithRSAEncryption
42:73:97:17:ea:33:71:95:12:89:d6:29:58:b7:eb:ee:bc:eb:
05:bc:51:be:14:2a:34:a1:a4:e7:b7:9e:72:7a:fb:9f:2f:88:
43:fd:dd:fb:d9:2a:38:0e:5d:2e:89:af:9f:6a:fe:98:f7:2c:
4a:ca:67:bd:2c:33:95:e3:06:17:79:d9:04:08:8c:e4:ce:9b:
e8:55:ae:07:5c:1f:d4:db:32:5d:fb:96:2c:73:b5:3c:b6:62:
2a:76:b9:4f:9a:40:12:d5:91:bd:04:f6:39:b6:e5:26:48:65:
fe:ba:4a:90:50:89:92:ec:b2:a7:53:70:2f:b6:8b:c0:00:bc:
da:09:69:4b:bf:0d:07:8a:83:09:51:d8:92:1b:22:ea:79:77:
65:00:5f:50:38:d1:33:89:d3:24:e4:c3:74:c2:a6:8f:ce:fa:
e6:c2:fc:4b:34:03:87:f6:c0:d0:47:4e:49:fc:0f:e6:7d:89:
4b:10:51:40:c8:b4:59:66:23:c9:e7:99:ce:aa:f3:22:3b:88:
e4:c9:60:24:12:99:bd:f7:02:8d:18:ea:98:ad:8d:a6:e5:57:
d3:f8:8a:85:f4:f3:72:e8:03:56:4d:ae:f0:11:57:c4:0e:d7:
28:7d:52:00:9c:1c:42:d4:4e:8e:6d:89:3f:65:03:40:26:49:
79:1f:bf:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuQd6ASEoUlWbfdR9rVWBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjE5NTgyZWY5YzcxMmY4MWExYWY0N2EwYzIwNjk4NjkxNjdjZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr+I0uE9yIRbA8cVwXzDR0CZ3Zmp
0EOF6PiwOcDii4z1QP/OkR5a+IyOGpzUWB+f+9dxr738PF0ONc3QL5oV7fCqkGiJ
kNs8DuxrqIXducQJhR4IFQXBTuHMIAkscp2S4CpAPjrN+BgNOteWSIRiRyOlRle6
rSdiEHHsSf1tRipJept/HJpk6bRy671Uq3hSJY4SX5S6JuQ/knbkHLkvN4QhNisi
9W/nT2DZFXV0p25S3FZjCm9UITyOSaP+UxM7xfhYRTCvWnoZa3cZNexVliwzEfGz
7YmhFjiJ2CXem5sy/kB1HUB3GpcCbyZmzNVg+SF/HgdMnYPyOC/4s9SejwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBsZWC75xxL4Ghr0egwgaYaRZ80TMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvR3hsWUx2bkhFdmdhR3ZSNkRDQnBocEZuelJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNPgMA0G
CSqGSIb3DQEBCwUAA4IBAQBCc5cX6jNxlRKJ1ilYt+vuvOsFvFG+FCo0oaTnt55y
evufL4hD/d372So4Dl0uia+fav6Y9yxKyme9LDOV4wYXedkECIzkzpvoVa4HXB/U
2zJd+5Ysc7U8tmIqdrlPmkAS1ZG9BPY5tuUmSGX+ukqQUImS7LKnU3AvtovAALza
CWlLvw0HioMJUdiSGyLqeXdlAF9QONEzidMk5MN0wqaPzvrmwvxLNAOH9sDQR05J
/A/mfYlLEFFAyLRZZiPJ55nOqvMiO4jkyWAkEpm99wKNGOqYrY2m5VfT+IqF9PNy
6ANWTa7wEVfEDtcofVIAnBxC1E6ObYk/ZQNAJkl5H7+u
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:24 2025 by rpki-client